<?php
/* 
 * Amnesia is Copyright (c) 2010 Mark Russell
 * 
 * Contact: info@amnesia-app.com	
 * 
 * This file is part of Amnesia.
 * 
 * Amnesia is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * Amnesia is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with Amnesia. If not, see <http://www.gnu.org/licenses/>.
 *
 */

include '../../db/db.php';

$id = mysql_real_escape_string ($_POST[id]);
$user_id = mysql_real_escape_string ($_POST[user_id]);
$cat_name = mysql_real_escape_string ($_POST[cat_name]);
$v1 = mysql_real_escape_string ($_POST[v1]);
$v2 = mysql_real_escape_string ($_POST[v2]);
$v3 = mysql_real_escape_string ($_POST[v3]);
$v4 = mysql_real_escape_string ($_POST[v4]);
$v5 = mysql_real_escape_string ($_POST[v5]);
$v6 = mysql_real_escape_string ($_POST[v6]);
$v7 = mysql_real_escape_string ($_POST[v7]);
$v8 = mysql_real_escape_string ($_POST[v8]);
$v9 = mysql_real_escape_string ($_POST[v9]);

// Add date for notes
$date = date("jS M Y, g.ia");

$query = "UPDATE `" . $cat_name . "` SET `title` = '" . $v1 . "', ";

switch ($cat_name) {
    case "web":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `url` = '" . $v4 . "', `notes` = '" . $v5;
		break;
	case "hosted":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `dns1` = '" . $v4 . "', `dns2` = '" . $v5 . "', `dns3` = '" . $v6 . "', `dns4` = '" . $v7 . "', `ip` = '" . $v8 . "', `notes` = '" . $v9;
		break;
	case "phone":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `notes` = '" . $v4;
		break;
	case "license":
        $query .= "`serial` = '" . $v2 . "', `url` = '" . $v3 . "', `notes` = '" . $v4;
		break;
	case "cards":
        $query .= "`service` = '" . $v2 . "', `card_no` = '" . $v3 . "', `start` = '" . $v4 . "', `end` = '" . $v5 . "', `cvn` = '" . $v6 . "', `name` = '" . $v7 . "', `pin` = '" . $v8 . "', `notes` = '" . $v9;
        break;
	case "banking":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `notes` = '" . $v4;
		break;
	case "email":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `server` = '" . $v4 . "', `smtp` = '" . $v5 . "', `notes` = '" . $v6;
        break;
    case "computer_user":
        $query .= "`username` = '" . $v2 . "', `password` = '" . $v3 . "', `platform` = '" . $v4 . "', `notes` = '" . $v5;
        break;
	case "hardware":
        $query .= "`model` = '" . $v2 . "', `serial` = '" . $v3 . "', `location` = '" . $v4 . "', `name` = '" . $v5 . "', `tag` = '" . $v6 . "', `notes` = '" . $v7;
        break;
    case "certificates":
        $query .= "`company` = '" . $v2 . "', `url` = '" . $v3 . "', `email` = '" . $v4 . "', `certificate` = '" . $v5 . "', `notes` = '" . $v6;
        break;
    case "notes":
        $query .= "`updated` = '" . $date . "', `notes` = '" . $v4;
        break;
}

$query .= "' WHERE `" . $cat_name . "_id` = " . $id;

// Run the query
if(!($result = @ mysql_query ($query, $con)))
	showerror();

mysql_close($con);
?>
